Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 6 subscribers
  • Views 2435 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM cluster on Switch cluster

vasileiosg

Hello,

 

I am setting up an active-passive cluster of 2* 310s which should connect to a cluster of HP Switches for redundancy. I am planning to connect each 310 with each switch: 

  • First 310 -> Switch 1
  • First 310 -> Switch 2
  • Second 310 -> Switch 1
  • Second 310 -> Switch 2

The question i have is how do i configure the two interfaces on the 310s so they know they are for redundancy and should have the same IP address?

 

Thanks!



This thread was automatically locked due to age.
Parents
  • +1

    In active-passive cluster you will only need to make changes to 1 SG310 (the master). You can do this with the slave completely disconnected (and turned off)

    You can configure a Link Aggregation Group (LAG) where you put two interface in 1 LAG. Then do the same with the two ports on you HP switches.

    After configuring the first SG310 (including High Availability configuration) you can then also connect the second SG310 (connect all interfaces the same way as on the master and connect the HA port of both SG310's to each other) and then power on the second SG310. 

    Given that they are both on the same firmware version now, they will then sync and HA becomes active.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Reply
  • +1

    In active-passive cluster you will only need to make changes to 1 SG310 (the master). You can do this with the slave completely disconnected (and turned off)

    You can configure a Link Aggregation Group (LAG) where you put two interface in 1 LAG. Then do the same with the two ports on you HP switches.

    After configuring the first SG310 (including High Availability configuration) you can then also connect the second SG310 (connect all interfaces the same way as on the master and connect the HA port of both SG310's to each other) and then power on the second SG310. 

    Given that they are both on the same firmware version now, they will then sync and HA becomes active.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Children
No Data
Unfiltered HTML